Hello, We are trying to implement Bahmni for multiple clinics for same hospital chain (e.g. 5 clinics). We would like to restrict user’s login from only his/her location. In other words, we have 5 locations defined…We would like to restrict user A (from location A) to login only from location A. If user chooses location B,C,D etc then s/he should get an error message…Alternatively user A will see only location A on login page location drop-down…Would you recommend any way to do this, even using custom code? -Pal
Is there anyone who tried to implement this “location based access” option…It is same as visit location with an addition of access control i.e. user associated with location A should not be able to update patients from location B…Any suggestions?
Hi, As of now we don’t have such feature. So far we don’t have any way to map User to Location so can’t even think of any custom way. @sravanthi17, @bharatak, Can you suggest if you have any ideas around this.
Bahmni doesn’t provide any location based access. Location is an additional information that is captured and tagged to all the data that Bahmni stores. As @swathivarkala already mentioned, there isn’t any custom way to achieve this
If an implementer wanted to create this on their own these are the different ways to do it.
-
Hardcode users and corresponding locations in the config json. Show only relevant dropdowns when people login. dev time - 4 hours Implications 2 places to create a user. Maybe requires code to be checked in if they use source control for config. If source control is public, this means exposing login names to the internet. There is possibility of user logging in directly in openmrs and modifying their list of locations Looks like bandage
-
Add expected locations to userproperties of openmrs. Verify user properties when logging in, and prevent login through javascript dev time - 2 days Implications One place to create a user. Admin needs to know exact location names when creating user User can still modify their list of locations via admin page Looks like band-aid (slightly better)
-
Same as 2, but verification of user properties happens via a servlet filter dev time - 2 weeks Implications One place to create a user. Admin needs to know exact location names when creating user User can still modify their list of locations via admin page There are several logins that happen - atom feeds, openmrs login etc where we will need to fix the flow Looks like branded band-aid It can be written and managed by the partner team and need not be part of Bahmni. They can add a Filter in their own OMOD and the logic of managing user/location association as part of it. As part of post deployment steps, they can choose to copy the updated web.xml (with this filter) at a relevant location (/opt/openmrs/openmrs/WEB-INF/web.xml). This way we never need to merge this code in bahmni. This can be completely managed by implementation team.
-
Allow openmrs to support locations natively dev time - too big, maybe never
2 Likes